Security fix

RainLoop Team 2014-02-13 13:34:31 +04:00 committed by RayMan
parent 85ddad1f1b
commit c9e394c585


@ -484,7 +484,7 @@ class HtmlUtils
{
$oElement->setAttribute('src', 'javascript:false');
}
if (\in_array($sTagNameLower, array('a', 'form', 'area')))
{
$oElement->setAttribute('target', '_blank');
@ -507,6 +507,16 @@ class HtmlUtils
@$oElement->removeAttribute('data-bind');
@$oElement->removeAttribute('xmlns');
if ($oElement->hasAttribute('href'))
{
$sHref = \trim($oElement->getAttribute('href'));
if (!\preg_match('/^(http[s]?|ftp|skype|mailto):/i', $sHref))
{
$oElement->setAttribute('data-x-broken-href', $sHref);
$oElement->setAttribute('href', 'javascript:false');
}
}
if ($oElement->hasAttribute('src'))
{
$sSrc = \trim($oElement->getAttribute('src'));
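Review bot: The scheme allowlist added in the second hunk is applied only to `href`, but the first hunk shows `form` elements being kept (they receive `target="_blank"`), so `action` and `formaction` could still carry a `javascript:` or `data:` URL unless they are filtered somewhere outside these hunks. Running the same check over every URL-bearing attribute would close that gap, as sketched below. The rejected value is also preserved verbatim in `data-x-broken-href`, so any client-side code that reads it must re-apply the same allowlist before writing it back to `href`; a short comment saying so above the `setAttribute('data-x-broken-href', ...)` call would help. The enclosing method starts before and continues after the visible lines, so the `src` handling and any other attribute filtering could not be checked here.

```php
// … unchanged: removeAttribute('data-bind') / removeAttribute('xmlns') …
foreach (array('href', 'action', 'formaction') as $sUrlAttr)
{
	if ($oElement->hasAttribute($sUrlAttr))
	{
		$sValue = \trim($oElement->getAttribute($sUrlAttr));
		// Allowlist only: anything else (javascript:, data:, relative URLs) is neutralised.
		if (!\preg_match('/^(http[s]?|ftp|skype|mailto):/i', $sValue))
		{
			// Kept for display/debugging only; never copy back without re-validating.
			$oElement->setAttribute('data-x-broken-'.$sUrlAttr, $sValue);
			$oElement->setAttribute($sUrlAttr, 'javascript:false');
		}
	}
}
// … unchanged: src handling …
```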